Solution

One of the powerful features of PacketWise is its ability to classify traffic by dynamic DNS name, and to keep up with address changes even if DHCP or other dynamic addressing schemes are in use.

Cause

Resolution

Many servers use multiple or shifting IP addresses. For instance, a DNS lookup of www.cnn.com typically will return as many as 23 different IP addresses. PacketWise keeps track of all of the IP addresses associated with a DNS name, even as they change. Similarly, many organizations will bring backup database servers online for an application while doing maintenance or crash recovery. Because PacketWise is application-aware of dynamic DNS, it will observe that a new server at a new IP address is now handling transactions for "peoplesoft.packeteer.com" and continue applying policies correctly. Without this capability, IS networking staff would have to log into every QoS device and manually change the policies every time a new application server came online.

While user-based policies are often touted in QoS device literature, these are typically assigned by static IP address. Unfortunately, most organizations use dynamic IP address assignment schemes because of the much lower administration costs. Again, PacketWise's awareness of changing DNS entries allows it to keep up with the latest IP address that is associated with a user name, so that a policy for bob_smith.packeteer.com will work regardless of which IP address the DHCP server has given him today.

How can I look deeper into the DNS process if I am not getting the expected results?

The dns lookup hostname command displays a list of addresses, and will show the canonical name, if different from the query name.